xemu/hw
Peter Maydell 382c7160d1 hw/intc/arm_gicv3_cpuif: Fix EOIR write access check logic
In icc_eoir_write() we assume that we can identify the group of the
IRQ being completed based purely on which register is being written
to and the current CPU state, and that "CPU state matches group
indicated by register" is the only necessary access check.

This isn't correct: if the CPU is not in Secure state then EOIR1 will
only complete Group 1 NS IRQs, but if the CPU is in EL3 it can
complete both Group 1 S and Group 1 NS IRQs.  (The pseudocode
ICC_EOIR1_EL1 makes this clear.) We were also missing the logic to
prevent EOIR0 writes completing G0 IRQs when they should not.

Rearrange the logic to first identify the group of the current
highest priority interrupt and then look at whether we should
complete it or ignore the access based on which register was accessed
and the state of the CPU.  The resulting behavioural change is:
 * EL3 can now complete G1NS interrupts
 * G0 interrupt completion is now ignored if the GIC
   and the CPU have the security extension enabled and
   the CPU is not secure

Reported-by: Chan Kim <ckim@etri.re.kr>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210510150016.24910-1-peter.maydell@linaro.org
2021-05-25 16:01:43 +01:00
..
9pfs hw/9pfs/9p-synth: Replaced qemu_mutex_lock with QEMU_LOCK_GUARD 2021-03-16 11:41:49 +01:00
acpi pc,pci,virtio: bugfixes, improvements 2021-05-16 17:22:46 +01:00
adc clock: Add ClockEvent parameter to callbacks 2021-03-08 17:20:01 +00:00
alpha Do not include exec/address-spaces.h if it's not really necessary 2021-05-02 17:24:51 +02:00
arm hw/arm/smmuv3: Another range invalidation fix 2021-05-25 15:44:45 +01:00
audio Drop the deprecated lm32 target 2021-05-12 18:20:25 +02:00
avr hw/avr/atmega.c: use the avr51 cpu for atmega1280 2021-05-13 19:11:42 +02:00
block Block layer patches 2021-05-19 16:10:35 +01:00
char Miscellaneous patches for 2021-05-12 2021-05-13 20:13:24 +01:00
core numa: Make all callbacks of ram block notifiers optional 2021-05-13 18:21:13 +01:00
cpu cpu/core: Fix "help" of CPU core device types 2021-04-09 16:05:16 -04:00
cris Do not include exec/address-spaces.h if it's not really necessary 2021-05-02 17:24:51 +02:00
display Drop the deprecated lm32 target 2021-05-12 18:20:25 +02:00
dma Drop the deprecated unicore32 target 2021-05-12 18:20:52 +02:00
gpio Pull request trivial-branch 20210515 2021-05-17 16:44:47 +01:00
hppa Do not include exec/address-spaces.h if it's not really necessary 2021-05-02 17:24:51 +02:00
hyperv qdev: Move softmmu properties to qdev-properties-system.h 2020-12-18 15:20:17 -05:00
i2c Add a bus multiplexer device 2021-05-14 14:26:23 +01:00
i386 pc,pci,virtio: bugfixes, improvements 2021-05-16 17:22:46 +01:00
ide hw: Do not include hw/sysbus.h if it is not necessary 2021-05-02 17:24:50 +02:00
input pc,pci,virtio: bugfixes, improvements 2021-05-16 17:22:46 +01:00
intc hw/intc/arm_gicv3_cpuif: Fix EOIR write access check logic 2021-05-25 16:01:43 +01:00
ipack Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
ipmi hw: Do not include qemu/log.h if it is not necessary 2021-05-02 17:24:50 +02:00
isa ppc patch queue 2021-05-04 2021-05-05 20:29:14 +01:00
m68k Do not include exec/address-spaces.h if it's not really necessary 2021-05-02 17:24:51 +02:00
mem Pull request trivial-branch 20210515 2021-05-17 16:44:47 +01:00
microblaze Do not include sysemu/sysemu.h if it's not really necessary 2021-05-02 17:24:50 +02:00
mips Trivial patches pull request 20210503 2021-05-05 13:52:00 +01:00
misc Drop the deprecated unicore32 target 2021-05-12 18:20:52 +02:00
net pc,pci,virtio: bugfixes, improvements 2021-05-16 17:22:46 +01:00
nios2 Do not include cpu.h if it's not really necessary 2021-05-02 17:24:51 +02:00
nubus hw: Do not include hw/sysbus.h if it is not necessary 2021-05-02 17:24:50 +02:00
nvme hw/nvme: move nvme emulation out of hw/block 2021-05-17 09:19:00 +02:00
nvram Do not include exec/address-spaces.h if it's not really necessary 2021-05-02 17:24:51 +02:00
openrisc Do not include exec/address-spaces.h if it's not really necessary 2021-05-02 17:24:51 +02:00
pci Do not include exec/address-spaces.h if it's not really necessary 2021-05-02 17:24:51 +02:00
pci-bridge Kconfig: Compile PXB for ARM_VIRT 2021-01-17 06:42:54 -05:00
pci-host hw/pci-host: Do not build gpex-acpi.c if GPEX is not selected 2021-05-13 18:12:40 +02:00
pcmcia hw/pcmcia: Do not register PCMCIA type if not required 2021-05-02 17:24:50 +02:00
ppc hw/ppc: moved has_spr to cpu.h 2021-05-19 10:30:28 +10:00
rdma pvrdma: wean code off pvrdma_ring.h kernel header 2021-03-15 16:41:22 +08:00
remote multi-process: Initialize variables declared with g_auto* 2021-05-21 15:43:57 +01:00
riscv hw/riscv: Fix OT IBEX reset vector 2021-05-11 20:02:07 +10:00
rtc hw/rtc/mc146818rtc: Convert to 3-phase reset (Resettable interface) 2021-05-13 18:05:22 +02:00
rx hw/rx/rx-gdbsim: Do not accept invalid memory size 2021-05-03 10:07:41 +02:00
s390x hw/s390x/ccw: Register qbus type in abstract TYPE_CCW_DEVICE parent 2021-05-20 14:19:30 +02:00
scsi pc,pci,virtio: bugfixes, improvements 2021-05-16 17:22:46 +01:00
sd Drop the deprecated lm32 target 2021-05-12 18:20:25 +02:00
sh4 Do not include exec/address-spaces.h if it's not really necessary 2021-05-02 17:24:51 +02:00
smbios hw/smbios: support for type 41 (onboard devices extended information) 2021-05-14 10:26:18 -04:00
sparc qemu-sparc queue 2021-05-10 12:34:05 +01:00
sparc64 qemu-sparc queue 2021-05-10 12:34:05 +01:00
ssi Trivial patches pull request 20210503 2021-05-05 13:52:00 +01:00
timer Pull request trivial-branch 20210515 2021-05-17 16:44:47 +01:00
tpm Do not include exec/address-spaces.h if it's not really necessary 2021-05-02 17:24:51 +02:00
tricore hw/tricore: Add testdevice for tests in tests/tcg/ 2021-05-18 09:36:21 +01:00
usb Drop the deprecated lm32 target 2021-05-12 18:20:25 +02:00
vfio vfio-ccw: Attempt to clean up all IRQs on error 2021-05-20 14:19:30 +02:00
virtio vhost-user-blk: Check that num-queues is supported by backend 2021-05-18 12:57:39 +02:00
watchdog clock: Add ClockEvent parameter to callbacks 2021-03-08 17:20:01 +00:00
xen Do not include exec/address-spaces.h if it's not really necessary 2021-05-02 17:24:51 +02:00
xenpv meson: convert hw/arch* 2020-08-21 06:30:33 -04:00
xtensa Do not include exec/address-spaces.h if it's not really necessary 2021-05-02 17:24:51 +02:00
Kconfig hw/nvme: move nvme emulation out of hw/block 2021-05-17 09:19:00 +02:00
meson.build hw/nvme: move nvme emulation out of hw/block 2021-05-17 09:19:00 +02:00